Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

LinkedIn Learning

Threat Modeling: Tampering in Depth

via LinkedIn Learning

Overview

Learn how tampering threats work and how to mitigate them. Explore how attackers can tamper with a variety of systems and tools, from debuggers to cloud services.

Syllabus

Introduction
  • Mitigate tampering threats
  • Four-question framework
  • Tampering as part of STRIDE
1. Tampering with a Process
  • Debuggers and input
  • Libraries
  • Mobile
2. Tampering with Storage
  • Tampering with local storage
  • Permissions
  • Effects of tampering
3. Tampering with Things
  • Whose screw? Physical tampering matters
  • Debug interfaces are exposed
4. Tampering with Time Itself
  • Time is increasingly important
5. Tampering with Cloud
  • Controls and authentication
  • Becoming Jane Admin
6. Tampering with Data Flows
  • Channels and messages
  • Replay and reflection
  • Headers: Injection and order
7. Integrity Defenses
  • Prevention and detection goals
  • Crypto
  • Something more privileged
Conclusion
  • Next steps

Taught by

Adam Shostack

Reviews

4.8 rating at LinkedIn Learning based on 65 ratings

Start your review of Threat Modeling: Tampering in Depth

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.